// SPDX-License-Identifier: GPL-2.0-or-later /* Peer event handling, typically ICMP messages. * * Copyright (C) 2007 Red Hat, Inc. All Rights Reserved. * Written by David Howells (dhowells@redhat.com) */ #include #include #include #include #include #include #include #include #include #include #include #include #include "ar-internal.h" static void rxrpc_adjust_mtu(struct rxrpc_peer *, unsigned int); static void rxrpc_store_error(struct rxrpc_peer *, struct sock_exterr_skb *); static void rxrpc_distribute_error(struct rxrpc_peer *, int, enum rxrpc_call_completion); /* * Find the peer associated with an ICMPv4 packet. */ static struct rxrpc_peer *rxrpc_lookup_peer_icmp_rcu(struct rxrpc_local *local, struct sk_buff *skb, unsigned int udp_offset, unsigned int *info, struct sockaddr_rxrpc *srx) { struct iphdr *ip, *ip0 = ip_hdr(skb); struct icmphdr *icmp = icmp_hdr(skb); struct udphdr *udp = (struct udphdr *)(skb->data + udp_offset); _enter("%u,%u,%u", ip0->protocol, icmp->type, icmp->code); switch (icmp->type) { case ICMP_DEST_UNREACH: *info = ntohs(icmp->un.frag.mtu); fallthrough; case ICMP_TIME_EXCEEDED: case ICMP_PARAMETERPROB: ip = (struct iphdr *)((void *)icmp + 8); break; default: return NULL; } memset(srx, 0, sizeof(*srx)); srx->transport_type = local->srx.transport_type; srx->transport_len = local->srx.transport_len; srx->transport.family = local->srx.transport.family; /* Can we see an ICMP4 packet on an ICMP6 listening socket? and vice * versa? */ switch (srx->transport.family) { case AF_INET: srx->transport_len = sizeof(srx->transport.sin); srx->transport.family = AF_INET; srx->transport.sin.sin_port = udp->dest; memcpy(&srx->transport.sin.sin_addr, &ip->daddr, sizeof(struct in_addr)); break; #ifdef CONFIG_AF_RXRPC_IPV6 case AF_INET6: srx->transport_len = sizeof(srx->transport.sin); srx->transport.family = AF_INET; srx->transport.sin.sin_port = udp->dest; memcpy(&srx->transport.sin.sin_addr, &ip->daddr, sizeof(struct in_addr)); break; #endif default: WARN_ON_ONCE(1); return NULL; } _net("ICMP {%pISp}", &srx->transport); return rxrpc_lookup_peer_rcu(local, srx); } #ifdef CONFIG_AF_RXRPC_IPV6 /* * Find the peer associated with an ICMPv6 packet. */ static struct rxrpc_peer *rxrpc_lookup_peer_icmp6_rcu(struct rxrpc_local *local, struct sk_buff *skb, unsigned int udp_offset, unsigned int *info, struct sockaddr_rxrpc *srx) { struct icmp6hdr *icmp = icmp6_hdr(skb); struct ipv6hdr *ip, *ip0 = ipv6_hdr(skb); struct udphdr *udp = (struct udphdr *)(skb->data + udp_offset); _enter("%u,%u,%u", ip0->nexthdr, icmp->icmp6_type, icmp->icmp6_code); switch (icmp->icmp6_type) { case ICMPV6_DEST_UNREACH: *info = ntohl(icmp->icmp6_mtu); fallthrough; case ICMPV6_PKT_TOOBIG: case ICMPV6_TIME_EXCEED: case ICMPV6_PARAMPROB: ip = (struct ipv6hdr *)((void *)icmp + 8); break; default: return NULL; } memset(srx, 0, sizeof(*srx)); srx->transport_type = local->srx.transport_type; srx->transport_len = local->srx.transport_len; srx->transport.family = local->srx.transport.family; /* Can we see an ICMP4 packet on an ICMP6 listening socket? and vice * versa? */ switch (srx->transport.family) { case AF_INET: _net("Rx ICMP6 on v4 sock"); srx->transport_len = sizeof(srx->transport.sin); srx->transport.family = AF_INET; srx->transport.sin.sin_port = udp->dest; memcpy(&srx->transport.sin.sin_addr, &ip->daddr.s6_addr32[3], sizeof(struct in_addr)); break; case AF_INET6: _net("Rx ICMP6"); srx->transport.sin.sin_port = udp->dest; memcpy(&srx->transport.sin6.sin6_addr, &ip->daddr, sizeof(struct in6_addr)); break; default: WARN_ON_ONCE(1); return NULL; } _net("ICMP {%pISp}", &srx->transport); return rxrpc_lookup_peer_rcu(local, srx); } #endif /* CONFIG_AF_RXRPC_IPV6 */ /* * Handle an error received on the local endpoint as a tunnel. */ void rxrpc_encap_err_rcv(struct sock *sk, struct sk_buff *skb, unsigned int udp_offset) { struct sock_extended_err ee; struct sockaddr_rxrpc srx; struct rxrpc_local *local; struct rxrpc_peer *peer; unsigned int info = 0; int err; u8 version = ip_hdr(skb)->version; u8 type = icmp_hdr(skb)->type; u8 code = icmp_hdr(skb)->code; rcu_read_lock(); local = rcu_dereference_sk_user_data(sk); if (unlikely(!local)) { rcu_read_unlock(); return; } rxrpc_new_skb(skb, rxrpc_skb_received); switch (ip_hdr(skb)->version) { case IPVERSION: peer = rxrpc_lookup_peer_icmp_rcu(local, skb, udp_offset, &info, &srx); break; #ifdef CONFIG_AF_RXRPC_IPV6 case 6: peer = rxrpc_lookup_peer_icmp6_rcu(local, skb, udp_offset, &info, &srx); break; #endif default: rcu_read_unlock(); return; } if (peer && !rxrpc_get_peer_maybe(peer)) peer = NULL; if (!peer) { rcu_read_unlock(); return; } memset(&ee, 0, sizeof(ee)); switch (version) { case IPVERSION: switch (type) { case ICMP_DEST_UNREACH: switch (code) { case ICMP_FRAG_NEEDED: rxrpc_adjust_mtu(peer, info); rcu_read_unlock(); rxrpc_put_peer(peer); return; default: break; } err = EHOSTUNREACH; if (code <= NR_ICMP_UNREACH) { /* Might want to do something different with * non-fatal errors */ //harderr = icmp_err_convert[code].fatal; err = icmp_err_convert[code].errno; } break; case ICMP_TIME_EXCEEDED: err = EHOSTUNREACH; break; default: err = EPROTO; break; } ee.ee_origin = SO_EE_ORIGIN_ICMP; ee.ee_type = type; ee.ee_code = code; ee.ee_errno = err; break; #ifdef CONFIG_AF_RXRPC_IPV6 case 6: switch (type) { case ICMPV6_PKT_TOOBIG: rxrpc_adjust_mtu(peer, info); rcu_read_unlock(); rxrpc_put_peer(peer); return; } icmpv6_err_convert(type, code, &err); if (err == EACCES) err = EHOSTUNREACH; ee.ee_origin = SO_EE_ORIGIN_ICMP6; ee.ee_type = type; ee.ee_code = code; ee.ee_errno = err; break; #endif } trace_rxrpc_rx_icmp(peer, &ee, &srx); rxrpc_distribute_error(peer, err, RXRPC_CALL_NETWORK_ERROR); rcu_read_unlock(); rxrpc_put_peer(peer); } /* * Find the peer associated with a local error. */ static struct rxrpc_peer *rxrpc_lookup_peer_local_rcu(struct rxrpc_local *local, const struct sk_buff *skb, struct sockaddr_rxrpc *srx) { struct sock_exterr_skb *serr = SKB_EXT_ERR(skb); _enter(""); memset(srx, 0, sizeof(*srx)); srx->transport_type = local->srx.transport_type; srx->transport_len = local->srx.transport_len; srx->transport.family = local->srx.transport.family; switch (srx->transport.family) { case AF_INET: srx->transport_len = sizeof(srx->transport.sin); srx->transport.family = AF_INET; srx->transport.sin.sin_port = serr->port; switch (serr->ee.ee_origin) { case SO_EE_ORIGIN_ICMP: _net("Rx ICMP"); memcpy(&srx->transport.sin.sin_addr, skb_network_header(skb) + serr->addr_offset, sizeof(struct in_addr)); break; case SO_EE_ORIGIN_ICMP6: _net("Rx ICMP6 on v4 sock"); memcpy(&srx->transport.sin.sin_addr, skb_network_header(skb) + serr->addr_offset + 12, sizeof(struct in_addr)); break; default: memcpy(&srx->transport.sin.sin_addr, &ip_hdr(skb)->saddr, sizeof(struct in_addr)); break; } break; #ifdef CONFIG_AF_RXRPC_IPV6 case AF_INET6: switch (serr->ee.ee_origin) { case SO_EE_ORIGIN_ICMP6: _net("Rx ICMP6"); srx->transport.sin6.sin6_port = serr->port; memcpy(&srx->transport.sin6.sin6_addr, skb_network_header(skb) + serr->addr_offset, sizeof(struct in6_addr)); break; case SO_EE_ORIGIN_ICMP: _net("Rx ICMP on v6 sock"); srx->transport_len = sizeof(srx->transport.sin); srx->transport.family = AF_INET; srx->transport.sin.sin_port = serr->port; memcpy(&srx->transport.sin.sin_addr, skb_network_header(skb) + serr->addr_offset, sizeof(struct in_addr)); break; default: memcpy(&srx->transport.sin6.sin6_addr, &ipv6_hdr(skb)->saddr, sizeof(struct in6_addr)); break; } break; #endif default: BUG(); } return rxrpc_lookup_peer_rcu(local, srx); } /* * Handle an MTU/fragmentation problem. */ static void rxrpc_adjust_mtu(struct rxrpc_peer *peer, unsigned int mtu) { _net("Rx ICMP Fragmentation Needed (%d)", mtu); /* wind down the local interface MTU */ if (mtu > 0 && peer->if_mtu == 65535 && mtu < peer->if_mtu) { peer->if_mtu = mtu; _net("I/F MTU %u", mtu); } if (mtu == 0) { /* they didn't give us a size, estimate one */ mtu = peer->if_mtu; if (mtu > 1500) { mtu >>= 1; if (mtu < 1500) mtu = 1500; } else { mtu -= 100; if (mtu < peer->hdrsize) mtu = peer->hdrsize + 4; } } if (mtu < peer->mtu) { spin_lock_bh(&peer->lock); peer->mtu = mtu; peer->maxdata = peer->mtu - peer->hdrsize; spin_unlock_bh(&peer->lock); _net("Net MTU %u (maxdata %u)", peer->mtu, peer->maxdata); } } /* * Handle an error received on the local endpoint. */ void rxrpc_error_report(struct sock *sk) { struct sock_exterr_skb *serr; struct sockaddr_rxrpc srx; struct rxrpc_local *local; struct rxrpc_peer *peer = NULL; struct sk_buff *skb; rcu_read_lock(); local = rcu_dereference_sk_user_data(sk); if (unlikely(!local)) { rcu_read_unlock(); return; } _enter("%p{%d}", sk, local->debug_id); /* Clear the outstanding error value on the socket so that it doesn't * cause kernel_sendmsg() to return it later. */ sock_error(sk); skb = sock_dequeue_err_skb(sk); if (!skb) { rcu_read_unlock(); _leave("UDP socket errqueue empty"); return; } rxrpc_new_skb(skb, rxrpc_skb_received); serr = SKB_EXT_ERR(skb); if (serr->ee.ee_origin == SO_EE_ORIGIN_LOCAL) { peer = rxrpc_lookup_peer_local_rcu(local, skb, &srx); if (peer && !rxrpc_get_peer_maybe(peer)) peer = NULL; if (peer) { trace_rxrpc_rx_icmp(peer, &serr->ee, &srx); rxrpc_store_error(peer, serr); } } rcu_read_unlock(); rxrpc_free_skb(skb, rxrpc_skb_freed); rxrpc_put_peer(peer); _leave(""); } /* * Map an error report to error codes on the peer record. */ static void rxrpc_store_error(struct rxrpc_peer *peer, struct sock_exterr_skb *serr) { enum rxrpc_call_completion compl = RXRPC_CALL_NETWORK_ERROR; struct sock_extended_err *ee; int err; _enter(""); ee = &serr->ee; err = ee->ee_errno; switch (ee->ee_origin) { case SO_EE_ORIGIN_ICMP: switch (ee->ee_type) { case ICMP_DEST_UNREACH: switch (ee->ee_code) { case ICMP_NET_UNREACH: _net("Rx Received ICMP Network Unreachable"); break; case ICMP_HOST_UNREACH: _net("Rx Received ICMP Host Unreachable"); break; case ICMP_PORT_UNREACH: _net("Rx Received ICMP Port Unreachable"); break; case ICMP_NET_UNKNOWN: _net("Rx Received ICMP Unknown Network"); break; case ICMP_HOST_UNKNOWN: _net("Rx Received ICMP Unknown Host"); break; default: _net("Rx Received ICMP DestUnreach code=%u", ee->ee_code); break; } break; case ICMP_TIME_EXCEEDED: _net("Rx Received ICMP TTL Exceeded"); break; default: _proto("Rx Received ICMP error { type=%u code=%u }", ee->ee_type, ee->ee_code); break; } break; case SO_EE_ORIGIN_NONE: case SO_EE_ORIGIN_LOCAL: _proto("Rx Received local error { error=%d }", err); compl = RXRPC_CALL_LOCAL_ERROR; break; case SO_EE_ORIGIN_ICMP6: if (err == EACCES) err = EHOSTUNREACH; fallthrough; default: _proto("Rx Received error report { orig=%u }", ee->ee_origin); break; } rxrpc_distribute_error(peer, err, compl); } /* * Distribute an error that occurred on a peer. */ static void rxrpc_distribute_error(struct rxrpc_peer *peer, int error, enum rxrpc_call_completion compl) { struct rxrpc_call *call; hlist_for_each_entry_rcu(call, &peer->error_targets, error_link) { rxrpc_see_call(call); rxrpc_set_call_completion(call, compl, 0, -error); } } /* * Perform keep-alive pings. */ static void rxrpc_peer_keepalive_dispatch(struct rxrpc_net *rxnet, struct list_head *collector, time64_t base, u8 cursor) { struct rxrpc_peer *peer; const u8 mask = ARRAY_SIZE(rxnet->peer_keepalive) - 1; time64_t keepalive_at; int slot; spin_lock_bh(&rxnet->peer_hash_lock); while (!list_empty(collector)) { peer = list_entry(collector->next, struct rxrpc_peer, keepalive_link); list_del_init(&peer->keepalive_link); if (!rxrpc_get_peer_maybe(peer)) continue; if (__rxrpc_use_local(peer->local)) { spin_unlock_bh(&rxnet->peer_hash_lock); keepalive_at = peer->last_tx_at + RXRPC_KEEPALIVE_TIME; slot = keepalive_at - base; _debug("%02x peer %u t=%d {%pISp}", cursor, peer->debug_id, slot, &peer->srx.transport); if (keepalive_at <= base || keepalive_at > base + RXRPC_KEEPALIVE_TIME) { rxrpc_send_keepalive(peer); slot = RXRPC_KEEPALIVE_TIME; } /* A transmission to this peer occurred since last we * examined it so put it into the appropriate future * bucket. */ slot += cursor; slot &= mask; spin_lock_bh(&rxnet->peer_hash_lock); list_add_tail(&peer->keepalive_link, &rxnet->peer_keepalive[slot & mask]); rxrpc_unuse_local(peer->local); } rxrpc_put_peer_locked(peer); } spin_unlock_bh(&rxnet->peer_hash_lock); } /* * Perform keep-alive pings with VERSION packets to keep any NAT alive. */ void rxrpc_peer_keepalive_worker(struct work_struct *work) { struct rxrpc_net *rxnet = container_of(work, struct rxrpc_net, peer_keepalive_work); const u8 mask = ARRAY_SIZE(rxnet->peer_keepalive) - 1; time64_t base, now, delay; u8 cursor, stop; LIST_HEAD(collector); now = ktime_get_seconds(); base = rxnet->peer_keepalive_base; cursor = rxnet->peer_keepalive_cursor; _enter("%lld,%u", base - now, cursor); if (!rxnet->live) return; /* Remove to a temporary list all the peers that are currently lodged * in expired buckets plus all new peers. * * Everything in the bucket at the cursor is processed this * second; the bucket at cursor + 1 goes at now + 1s and so * on... */ spin_lock_bh(&rxnet->peer_hash_lock); list_splice_init(&rxnet->peer_keepalive_new, &collector); stop = cursor + ARRAY_SIZE(rxnet->peer_keepalive); while (base <= now && (s8)(cursor - stop) < 0) { list_splice_tail_init(&rxnet->peer_keepalive[cursor & mask], &collector); base++; cursor++; } base = now; spin_unlock_bh(&rxnet->peer_hash_lock); rxnet->peer_keepalive_base = base; rxnet->peer_keepalive_cursor = cursor; rxrpc_peer_keepalive_dispatch(rxnet, &collector, base, cursor); ASSERT(list_empty(&collector)); /* Schedule the timer for the next occupied timeslot. */ cursor = rxnet->peer_keepalive_cursor; stop = cursor + RXRPC_KEEPALIVE_TIME - 1; for (; (s8)(cursor - stop) < 0; cursor++) { if (!list_empty(&rxnet->peer_keepalive[cursor & mask])) break; base++; } now = ktime_get_seconds(); delay = base - now; if (delay < 1) delay = 1; delay *= HZ; if (rxnet->live) timer_reduce(&rxnet->peer_keepalive_timer, jiffies + delay); _leave(""); }